Latest Email news

Phishing emails abuse Windows search protocol to push malicious scripts

A new phishing campaign uses HTML attachments that abuse the Windows search protocol (search-ms URI) to push batch files hosted on remote servers that deliver malware.
- Bill Toulas
- June 12, 2024
- 06:30 PM
- 1
Free Piano phish targets American university students, staff

A large-scale phishing campaign is using an unusual lure to earn at least $900,000 by tricking email recipients into believing they're about to receive a baby grand piano for free.
- Bill Toulas
- May 29, 2024
- 02:14 PM
- 0
Monday.com removes "Share Update" feature abused for phishing attacks

Project management platform Monday.com has removed its "Share Update" feature after threat actors abused it in phishing attacks.
- Lawrence Abrams
- May 09, 2024
- 06:17 PM
- 0
AT&T delays Microsoft 365 email delivery due to spam wave

AT&T's email servers are blocking connections from Microsoft 365 due to a "high volume" spam wave originating from Microsoft's service.
- Lawrence Abrams
- May 09, 2024
- 01:58 PM
- 11
Microsoft will limit Exchange Online bulk emails to fight spam

Microsoft has announced plans to fight spam by imposing a daily Exchange Online bulk email limit of 2,000 external recipients starting January 2025.
- Sergiu Gatlan
- April 15, 2024
- 03:11 PM
- 0
Medium bans AI-generated content from its paid Partner Program

Medium is banning AI-generated content from its paid Partner program, notifying users that the new policy goes into effect on May 1, 2024.
- Mayank Parmar
- April 14, 2024
- 05:39 PM
- 3
CISA orders agencies impacted by Microsoft hack to mitigate risks

CISA has issued a new emergency directive ordering U.S. federal agencies to address risks resulting from the breach of multiple Microsoft corporate email accounts by the Russian APT29 hacking group.
- Sergiu Gatlan
- April 11, 2024
- 01:47 PM
- 0
Microsoft still unsure how hackers stole MSA key in 2023 Exchange attack

The U.S. Department of Homeland Security's Cyber Safety Review Board (CSRB) has released a scathing report on how Microsoft handled its 2023 Exchange Online attack, warning that the company needs to do better at securing data and be more truthful about how threat actors stole an Azure signing key.
- Ionut Ilascu
- April 03, 2024
- 08:21 PM
- 0
Microsoft warns Gmail blocks some Outlook email as spam, shares fix

Microsoft has confirmed that some Outlook.com users are experiencing issues with emails being blocked and marked as spam when trying to email Gmail accounts.
- Sergiu Gatlan
- April 02, 2024
- 06:09 PM
- 2
Google now blocks spoofed emails for better phishing protection

Google has started automatically blocking emails sent by bulk senders who don't meet stricter spam thresholds and authenticate their messages as required by new guidelines to strengthen defenses against spam and phishing attacks.
- Sergiu Gatlan
- April 01, 2024
- 04:29 PM
- 8
Over 100 US and EU orgs targeted in StrelaStealer malware attacks

A new large-scale StrelaStealer malware campaign has impacted over a hundred organizations across the United States and Europe, attempting to steal email account credentials.
- Bill Toulas
- March 24, 2024
- 10:19 AM
- 0
Tuta Mail adds new quantum-resistant encryption to protect email

Tuta Mail has announced TutaCrypt, a new post-quantum encryption protocol to secure communications from powerful and anticipated decryption attacks.
- Bill Toulas
- March 11, 2024
- 05:21 PM
- 2
Microsoft says Russian hackers breached its systems, accessed source code

Microsoft says the Russian 'Midnight Blizzard' hacking group recently accessed some of its internal systems and source code repositories using authentication secrets stolen during a January cyberattack.
- Lawrence Abrams
- March 08, 2024
- 10:31 AM
- 4
Hijacked subdomains of major brands used in massive spam campaign

A massive ad fraud campaign named "SubdoMailing" is using over 8,000 legitimate internet domains and 13,000 subdomains to send up to five million emails per day to generate revenue through scams and malvertising.
- Bill Toulas
- February 26, 2024
- 09:00 AM
- 0
Over 28,500 Exchange servers vulnerable to actively exploited bug

Up to 97,000 Microsoft Exchange servers may be vulnerable to a critical severity privilege escalation flaw tracked as CVE-2024-21410 that hackers are actively exploiting.
- Bill Toulas
- February 19, 2024
- 01:46 PM
- 0
Microsoft fixes connection issue affecting Outlook email apps

Microsoft has fixed a known issue causing desktop and mobile email clients to fail to connect when using Outlook.com accounts.
- Sergiu Gatlan
- February 01, 2024
- 02:53 PM
- 0
HPE: Russian hackers breached its security team’s email accounts

Hewlett Packard Enterprise (HPE) disclosed today that suspected Russian hackers known as Midnight Blizzard gained access to the company's Microsoft Office 365 email environment to steal data from its cybersecurity team and other departments.
- Lawrence Abrams
- January 24, 2024
- 04:50 PM
- 0
Russian hackers stole Microsoft corporate emails in month-long breach

Microsoft warned Friday night that some of its corporate email accounts were breached and data stolen by a Russian state-sponsored hacking group known as Midnight Blizzard.
- Lawrence Abrams
- January 19, 2024
- 07:02 PM
- 5
Fake 401K year-end statements used to steal corporate credentials

Threat actors are using communication about personal pension accounts (the 401(k) plans in the U.S.), salary adjustments, and performance reports to steal company employees' credentials.
- Bill Toulas
- January 10, 2024
- 01:33 PM
- 0
Nigerian hacker arrested for stealing $7.5M from charities

A Nigerian national was arrested in Ghana and is facing charges related to business email compromise (BEC) attacks that caused a charitable organization in the United States to lose more than $7.5 million.
- Bill Toulas
- January 03, 2024
- 02:34 PM
- 0